54 | 54 |
self.privatersa = privateRSA
|
55 | 55 |
self.privateed25519 = privateEd25519
|
56 | 56 |
self.fp = None
|
|
57 |
self.fdomain = ''
|
57 | 58 |
|
58 | 59 |
@Milter.noreply
|
59 | 60 |
def connect(self, hostname, unused, hostaddr):
|
|
135 | 136 |
try:
|
136 | 137 |
self.fdomain = self.author.split('@')[1].lower()
|
137 | 138 |
except IndexError as er:
|
138 | |
self.fdomain = '' # self.author was not a proper email address
|
|
139 |
pass # self.author was not a proper email address
|
139 | 140 |
if (milterconfig.get('Syslog') and
|
140 | 141 |
milterconfig.get('debugLevel') >= 1):
|
141 | 142 |
syslog.syslog("{0}: {1}".format(name, val))
|
142 | 143 |
elif lname == 'authentication-results':
|
143 | 144 |
self.arheaders.append(val)
|
144 | 145 |
if self.fp:
|
145 | |
self.fp.write(b"%s: %s\n" % (codecs.encode(name, 'ascii'), codecs.encode(val, 'ascii')))
|
|
146 |
try:
|
|
147 |
self.fp.write(b"%s: %s\n" % (codecs.encode(name, 'ascii'), codecs.encode(val, 'ascii')))
|
|
148 |
except:
|
|
149 |
# Don't choke on header fields with non-ascii garbage in them.
|
|
150 |
pass
|
146 | 151 |
return Milter.CONTINUE
|
147 | 152 |
|
148 | 153 |
@Milter.noreply
|
|
259 | 264 |
|
260 | 265 |
def check_dkim(self, txt):
|
261 | 266 |
res = False
|
|
267 |
self.header_a = None
|
262 | 268 |
for y in range(self.has_dkim): # Verify _ALL_ the signatures
|
263 | 269 |
d = dkim.DKIM(txt)
|
264 | 270 |
try:
|
|
292 | 298 |
self.header_i = codecs.decode(d.signature_fields.get(b'i'), 'ascii')
|
293 | 299 |
except TypeError as x:
|
294 | 300 |
self.header_i = None
|
295 | |
self.header_d = codecs.decode(d.signature_fields.get(b'd'), 'ascii')
|
296 | |
self.header_a = codecs.decode(d.signature_fields.get(b'a'), 'ascii')
|
|
301 |
try:
|
|
302 |
self.header_d = codecs.decode(d.signature_fields.get(b'd'), 'ascii')
|
|
303 |
self.header_a = codecs.decode(d.signature_fields.get(b'a'), 'ascii')
|
|
304 |
except Exception as x:
|
|
305 |
self.dkim_comment = str(x)
|
|
306 |
if milterconfig.get('Syslog'):
|
|
307 |
syslog.syslog("check_dkim: {0}".format(x))
|
|
308 |
self.header_d = None
|
|
309 |
if not self.header_a:
|
|
310 |
self.header_a = 'rsa-sha256'
|
297 | 311 |
if res:
|
298 | 312 |
if (milterconfig.get('Syslog') and
|
299 | 313 |
(milterconfig.get('SyslogSuccess') or
|
|
313 | 327 |
syslog.syslog('DKIM: Fail (saved as {0})'
|
314 | 328 |
.format(fname))
|
315 | 329 |
else:
|
316 | |
syslog.syslog('DKIM: Fail ({0})'.format(d.domain.lower()))
|
|
330 |
if milterconfig.get('Syslog'):
|
|
331 |
if d.domain:
|
|
332 |
syslog.syslog('DKIM: Fail ({0})'
|
|
333 |
.format(d.domain.lower()))
|
|
334 |
else:
|
|
335 |
syslog.syslog('DKIM: Fail, unextractable domain')
|
317 | 336 |
if res:
|
318 | 337 |
result = 'pass'
|
319 | 338 |
else:
|
320 | 339 |
result = 'fail'
|
321 | 340 |
res = False
|
322 | |
self.arresults.append(
|
323 | |
authres.DKIMAuthenticationResult(result=result,
|
|
341 |
if self.header_d:
|
|
342 |
self.arresults.append(
|
|
343 |
authres.DKIMAuthenticationResult(result=result,
|
324 | 344 |
header_i=self.header_i,
|
325 | 345 |
header_d=self.header_d,
|
326 | 346 |
header_a=self.header_a,
|
327 | 347 |
result_comment=
|
328 | 348 |
self.dkim_comment)
|
329 | 349 |
)
|
|
350 |
self.header_a = None
|
330 | 351 |
return
|
331 | 352 |
|
332 | 353 |
# get parent domain to be signed for if fdomain is a subdomain
|